<?php
include("config.php");

session_start();
if($_SERVER["REQUEST_METHOD"] == "POST")
{
	// username and password sent from Form
	$myusername=addslashes($_POST['username']);
	$mypassword=addslashes($_POST['password']);
	
	
	$sql="SELECT id, permission FROM user WHERE id='$myusername' and password='$mypassword'";
	$result=mysql_query($sql);
	
	$row=mysql_fetch_array($result);
	//$active=$row['active'];
	$count=mysql_num_rows($result);
	
	$permission=$row['permission'];

	// If result matched $myusername and $mypassword, table row must be 1 row
	if($count==1)
	{
		//session_register("myusername");
		$_SESSION['login_user']=$myusername;
		
		$link = "location: ";
		
		if($permission == "s"){
			$link .= "student.php";
			$_SESSION['user_type'] = 's';
		}
		else
		if($permission == "i"){
			$link .= "teacher.php";
			$_SESSION['user_type'] = 'i';
		}
		else
		if($permission == "a"){
			$link .= "admin.php";
			$_SESSION['user_type'] = 'a';
		}
		//echo $permission;
		header($link);
		
	}
	else
	{
		$error="Your Login Name or Password is invalid";
	}
}
?>
<center>
<h2>Scheduletron V1.0</h2>
<h2>Schedule Registration system</h2>
<br/><br/>
<form action="" method="post">
<label>UserName :</label><br/>
<input type="text" name="username"/><br />
<label>Password :</label><br/>
<input type="password" name="password"/><br/>
<input type="submit" value=" Submit "/><br />
</form>
</center>
